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CLAIMS 

What is claimed is: 

1 . A method of managing consent between a client and a network server, said 
client and said network server being coupled to a data communication network, said 
network server providing a service to a user via the client, said client operating a 
browser configured to permit the user to communicate on the data communication 
network, said method comprising: 

maintaining a user profile associated with the user; 

receiving a request from the service provided by the network server for user 
information associated with the user and for consent to use the requested user 
information; 

determining, in response to the request for consent, if the requested user 
information is included in the user profile; 

providing a user interface via the browser to collect the requested user 
information that is not included in the user profile from the user; 

receiving the user information provided by the user via the user interface; and 

allowing access by the service to the received user information. 

2. The method of claim 1, further comprising updating the user profile with the 
received user information. 
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3. The method of claim 1, further comprising allowing, in response to the request 
for consent, access by the service to the requested user information if the user 
information is included in the user profile. 

4. The method of claim 1 , wherein the user profile is being maintained by a 
central server, said central server being coupled to the data communication network, 
and wherein the user interface is being provided by the central server and displays user 
information previously included in the user profile. 

5. The method of claim 1 , wherein the user interface displays a user-selectable 
option for viewing intention information associated with the requested user information, 
said intention information describing how the requested user information will be used by 
the sen/ice provided by the network server. 

6. The method of claim 5, further comprising providing an intention user interface 
via the browser for displaying the intention information, said intention user interface 
being provided in response to the user-selectable option being selected by the user. 

7. The method of claim 6, wherein said intention user interface further displays 
retention information associated with the requested user information, said retention 
information specifying how long the requested user information will be retained by the 
service provided by the network server. 
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8. The method of claim 6, wherein the service provided by the network server is 
a member of a policy group, and wherein said intention user interface further displays a 
list of members of said policy group. 

9. The method of claim 8, wherein said intention user interface further displays a 
second user-selectable option for viewing a privacy policy associated with said policy 
group, said privacy policy relating to how user information that the policy group is 
granted consent to use is to be protected. 

10. The method of claim 9, further comprising providing a policy user interface 
via the browser for displaying the privacy policy, said policy user interface being 
provided in response to the second user-selectable option being selected by the user. 

11. The method of claim 1 , wherein the service provided by the network is 
granted consent to use user information included in the user profile. 

12. The method of claim 1 1 , further comprising providing a revocation user 
interface via the browser for allowing the user to revoke consent for the service provided 
by the network server to use the user information included in the user profile, said 
revocation user interface displaying a list of services for which the user has granted 
consent to use the user information included in the user profile. 
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13. The method of claim 12, wherein said revocation user interface further 
displays a user-selectable option for revoking consent for the service provided by the 
network server to use the user information included in the user profile. 

1 4. The method of claim 1 3, further comprising revoking consent for the service 
provided by the network server to use the user information included in the user profile in 
response to the user-selectable option being selected by the user. 

1 5. The method of claim 1 , further comprising providing an administrator user 
interface to a responsible person of the user in response to said receiving the user 
information provided by the user, said another user interface allowing the responsible 
person of the user to grant consent for the service provided by the network server to 
use the received user information. 

16. The method of claim 15, wherein said allowing access by the service to the 
received user information comprises allowing access by the service to the received user 
information if consent for the service to use the received user information is granted by 
said responsible person. 

17. The method of claim 15, wherein said responsible person is a parent of the 

user. 
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18. The method of claim 1, wherein one or more computer-readable media have 
computer-executable instructions for performing the method recited in claim 1. 

19. An authentication system comprising: 

an authentication server coupled to a data communication network; 

an authentication database associated with the authentication server, said 
authentication database being configured to store authentication information for 
comparison to login information provided by a user for authenticating the user, said 
authentication database further being configured to store user-specific information 
identifying the user with respect to one or more services provided by at least one 
affiliate server coupled to the data communication network, said affiliate server being 
configured to provide the one or more services to the user via a client coupled to the 
data communication network; 

said authentication server being configured to receive a request from the user for 
a service to be provided by the affiliate server, said authentication server further being 
configured to authenticate the user responsive to the request when login information 
retrieved from the user via the data communication network matches the authentication 
information stored in the authentication database; 

said authentication server being further configured to maintain a user profile 
storing the user-specific information, to receive a request from the requested service for 
user information associated with the user and consent to use the requested user 
information, to determine if the requested user information is stored in the user profile in 
response to the request for consent; and 
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said authentication server being further configured to provide a user interface to 
collect the requested user information that is not stored in the user profile from the user, 
to receive the user information provided by the user via the user interface in response, 
and to allow access by the requested service to the received user information. 

20. The system of claim 19, wherein the authentication server is configured to 
update the user profile with the received user information. 

21. The system of claim 19, wherein the authentication server is configured to 
allow, in response to the request for consent, access by the requested service to the 
requested user information if the user information is stored in the user profile. 

22. The system of claim 19, wherein the user interface provided by the 
authentication server displays the user-specific information previously stored in the user 
profile. 

23. The system of claim 19, wherein the user interface provided by the 
authentication server displays a user-selectable option for viewing intention information 
associated with the requested user information, said intention information describing 
how the requested user information will be used by the requested service. 

24. The system of claim 23, wherein the authentication server is configured to 
provide an intention user interface for displaying the intention information, said intention 
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user interface being provided by the authentication server in response to the user- 
selectable option being selected by the user. 

25. The system of claim 24, wherein said intention user interface further displays 
retention information associated with the requested user information, said retention 
information specifying how long the requested user information will be retained by the 
requested service. 

26. The system of claim 24, wherein the requested service is a member of a 
policy group, and wherein said intention user interface further displays a list of members 
of said policy group. 

27. The system of claim 1 , wherein the requested service is granted consent to 
use the user-specific information stored in the user profile. 

28. The system of claim 27, wherein the authentication server is configured to 
provide a revocation user interface for allowing the user to revoke consent for the 
requested service to use the user-specific information stored in the user profile, said 
revocation user interface displaying a list of services that the user has granted consent 
to use the user-specific information stored in the user profile. 
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29. The system of claim 28, wherein said revocation user interface further 
displays a user-selectable option for revoking consent for the requested service to use 
the user-specific information stored in the user profile. 

30. The system of claim 29, wherein the authentication server is configured to 
revoke consent for the requested service to use the user-specific information stored in 
the user profile in response to the use-selectable option being selected by the user. 

31. The system of claim 19, wherein the authentication server is configured to 
provide an administrator user interface to a responsible person of the user in response 
to the received user information, said administrator user interface allowing the 
responsible person of the user to grant consent for the requested service to use the 
received user information. 

32. The system of claim 31 , wherein the authentication server is configured to 
allow access by the requested service to the received user information if consent for the 
requested service to use the received user information is granted by said responsible 
person. 



33. One or more computer-readable media having computer-executable 
components for managing consent between a client and at least one network server, 
said client and said network server being coupled to a data communication network, 
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said network server providing a service to a user via the client, said computer-readable 
media comprising: 

a profiling component for storing user-specific information associated with the 

user; 

a consent component for receiving a request from the service provided by the 
network server for user information associated with the user and for consent to use the 
requested user information, said consent component further determining if the 
requested user information is stored in the profiling component in response to the 
request for consent; 

a user interface component for collecting the requested user information that is 
not included in the profiling component from the user; and 

wherein the consent component is configured to receive the requested user 
information provided by the user via the user interface component and to allow access 
by the service to the received user information. 

34. The computer-readable media of claim 33, wherein the consent component 
is configured to store the received user information in the profiling component. 

35. The computer-readable media of claim 33, wherein the user interface 
component is configured to display the user-specific information previously stored in the 
profiling component. 
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36. The computer-readable media of claim 33, further comprising a reviewing 
component for displaying intention information associated with the user information, 
said intention information describing how the user information will be used by the 
service provided by the network server. 

37. The computer-readable media of claim 36, wherein the reviewing component 
is configured to display retention information associated with the user information, said 
retention information specifying how long the user information will be retained by the 
service provided by the network server. 

38. The computer-readable media of claim 36, wherein the service provided by 
the network server is a member of a policy group, and wherein the reviewing 
component is configured to display a list of members of said policy group. 

39. The computer-readable media of claim 33, further comprising a revoking 
component for allowing the user to revoke consent for the service provided by the 
network server to use the user-specific information stored in the profiling component, 
said revoking component displaying a list of services that the user has granted consent 
to use the user-specific information stored in the profiling component. 

40. The computer-readable media of claim 33, further comprising a managed- 
consent component for providing the received user information to a responsible person 
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of the user to allow the responsible person of the user to grant consent for the service 
provided by the network server to use the received user information. 



